How to stop scipt running?

Hi all,

I’m using this command

While (!$SourceUser) {
    $copyfrom = Read-Host -Prompt "Copy Groups From"

    Try {
        $SourceUser = Get-ADUser -Identity $copyfrom -Properties memberof
    Catch {
        $copyfrom = Read-Host -Prompt "User not found.  Please enter a user to copy groups from"
$SourceUser = Get-ADUser -Identity $copyfrom -Properties memberof
$SelectedGroups = $SourceUser.memberof | 
    Add-ADGroupMember -Members $username -PassThru | 
    Select-Object -ExpandProperty Name

but the script is working just for one user. any way that its can work for all users?

Could you explain how it’s not working for the other users?

yes , sorry
when i run the script for the first user I get this message “User not found. Please enter a user to copy groups from” until I enter the user who exist in AD.

but after that, it is not ask me to enter the new user.

If you run this code more than once in the same console the variable $SourceUser is already defined after the first run. That’s why you don’t get prompted the second time. :wink:

Again - it would be a better approach to offer a choice of users to pick from instead of asking for error prone free text input. :wink:

like this?

$userName = Read-Host "Username"

    get-aduser $userName -Properties PasswordExpired, CanonicalName, LockedOut, msRTCSIP-PrimaryUserAddress, memberof, msExchArchiveStatus | select @{Name="Username"; Expression={$_.SamAccountName}}, @{Name="OU"; Expression={((($_).CanonicalName).replace("/","\")).replace("\","")}}, @{Name="SIP (Skype) Address"; Expression={$_."msRTCSIP-PrimaryUserAddress".split(":")[1]}}, @{Name="On-Cloud"; Expression={$onCloud = ($_).msExchArchiveStatus; if($onCloud -gt 0){$true}else{$false}}}, @{Name="IsPasswordExpired"; Expression={$_.PasswordExpired}}, @{Name="IsUserLocked"; Expression={$_.LockedOut}}, Enabled, @{Name="Groups"; Expression={($_).memberof | foreach -Begin{$listGroups = @()} -process{
        $groupName = $_.split(",")[0].split("=")[1]

        # Add custom keywords to search the user's groups.
        $groups = "FTP-W", "FTP-R", "IE-Block", "Test", "Domain Users"
        foreach($group in $D){
            if($groupName -like "*$group*"){
              $listGroups+= $groups + $groupName + "`n"
        } -end{$sortedGroups = ($listGroups | sort); $sortedGroups -join ""}

I can’t offer any suggestion until I know what you’re trying to accomplish.

Actually no. How is that code snippet related to the code snippet and to the question in your initial post? :thinking:

Usually when a new user starts you want them to be “like” one of a limited number of users. Not just any user in the company.
Say someone starts in Accounting you want them to be like “George”, in Sales they should be like “Lisa” and an executive might be like “Anna”. So instead of letting users pick any person to impersonate you could in your script let them pick between “George”, “Lisa” and “Anna”.

Unless you are extremely rigid in your group structure, there is a problem with picking a user to copy groups (and permissions) from. If the user for some reason has needed access to something they usually wouldn’t have access to as part of their day-to-day work, those groups and permissions would be copied to the new user as well.

However I think a better choice is to create a number of templates instead. Basically in your script you define roles in stead of impersonating other users.
For instance you could create a set of variables containing the groups for each role:

# All new users need the following groups
$defaultGroups = @('AllUsers')
# Members of Accounting need the following:
$accountGroups = @('Accounting','Finance')
# Members of Sales need the following:
$salesGroups = @('Sales','Finance',)
# Members of the Executive have the following
$executiveGroups = @('Executive','PrivateRestroom')

So when a new user starts you just use the relevant group-array to create the new user based on their role in the company.
If they need special permissions of the kind mentioned above, you can handle that on a case by case basis.

This should probably have been in the original thread, just caught on Olafs comment about choosing users to pick from.

1 Like

I just want the my script will run untill i will enter correct user